Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i 9.10 allow remote attackers to inject arbitrary web script or HTML via the (1) node parameter to nnm/mibdiscover; (2) nodename parameter to nnm/protected/configurationpoll.jsp, (3) nnm/protected/ping.jsp, (4) nnm/protected/statuspoll.jsp, or (5) nnm/protected/traceroute.jsp; or (6) field parameter to nmm/validate. NOTE: this might be a duplicate of CVE-2011-4155 or CVE-2011-4156.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Network Node Manager I | 9.10 |
Related Weaknesses (CWE)
References
- http://0a29.blogspot.com/2011/11/0a29-11-1-cross-site-scripting.htmlExploit
- http://osvdb.org/77396Exploit
- http://osvdb.org/77397Exploit
- http://osvdb.org/77398Exploit
- http://osvdb.org/77399Exploit
- http://osvdb.org/77400Exploit
- http://osvdb.org/77401
- http://secunia.com/advisories/46941Vendor Advisory
- http://www.securityfocus.com/archive/1/520653/100/0/threaded
- http://www.securityfocus.com/bid/50806Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71527
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71528
- http://0a29.blogspot.com/2011/11/0a29-11-1-cross-site-scripting.htmlExploit
- http://osvdb.org/77396Exploit
- http://osvdb.org/77397Exploit
FAQ
What is CVE-2011-5184?
CVE-2011-5184 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i 9.10 allow remote attackers to inject arbitrary web script or HTML via the (1) node parameter to nnm/mibdiscover; (2) n...
How severe is CVE-2011-5184?
CVE-2011-5184 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-5184?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Network Node Manager I.